package com.andyou.modules.sys.web;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.activiti.engine.TaskService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.UnauthorizedException;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.util.WebUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import com.andyou.common.config.Global;
import com.andyou.common.security.shiro.session.SessionDAO;
import com.andyou.common.servlet.ValidateCodeServlet;
import com.andyou.common.utils.CookieUtils;
import com.andyou.common.utils.IdGen;
import com.andyou.common.utils.SpringContextHolder;
import com.andyou.common.utils.StringUtils;
import com.andyou.common.utils.ValidateUtil;
import com.andyou.common.web.BaseController;
import com.andyou.modules.act.service.ActProcessService;
import com.andyou.modules.act.service.ActTaskService;
import com.andyou.modules.sys.entity.User;
import com.andyou.modules.sys.security.FormAuthenticationFilter;
import com.andyou.modules.sys.security.Principal;
import com.andyou.modules.sys.security.UsernamePasswordToken;
import com.andyou.modules.sys.service.SystemService;
import com.andyou.modules.sys.utils.UserUtils;

/**
 * 登录Controller
 * 
 * @author ThinkGem
 * @version 2013-5-31
 */
@Controller
public class LoginController extends BaseController {

	@Autowired
	private SessionDAO sessionDAO;

	private SystemService systemService;
	
	@Autowired
	private ActProcessService  actProcessService;
	@Autowired
	private ActTaskService actTaskService;
	@Autowired
	private TaskService taskService;

	
	/**
	 * 前台登录页面
	 */
	@RequestMapping(value = "${frontPath}/login", method = RequestMethod.GET)
	public String portallogin(HttpServletRequest request, HttpServletResponse response, Model model) {
		Principal principal = UserUtils.getPrincipal();
		
		if (logger.isDebugEnabled()) {
			logger.debug("login, active session size: {}", sessionDAO.getActiveSessions(false)
					.size());
		}

		// 如果已登录，再次访问主页，则退出原账号。
		if (Global.TRUE.equals(Global.getConfig("notAllowRefreshIndex"))) {
			CookieUtils.setCookie(response, "LOGINED", "false");
		}

		// 如果已经登录，则跳转到管理首页
		if (principal != null && !principal.isMobileLogin()) {
			return "redirect:" + frontPath +"/home";
		}

		return "modules/portal/sysLogin";
	}
	
	/**
	 * 登录失败，真正登录的POST请求由Filter完成
	 */
	@RequestMapping(value = "${frontPath}/login", method = RequestMethod.POST)
	public String portalloginFail(HttpServletRequest request, HttpServletResponse response, Model model) {
		Principal principal = UserUtils.getPrincipal();

		// 如果已经登录，则跳转到管理首页
		if (principal != null) {
			// 登录成功后，验证码计算器清零
			getSystemService().isValidateCodeLogin(principal.getLoginName(), false, true);
			return "redirect:" + frontPath +"/home";
		}

		String username = WebUtils.getCleanParam(request,
				FormAuthenticationFilter.DEFAULT_USERNAME_PARAM);
		boolean rememberMe = WebUtils.isTrue(request,
				FormAuthenticationFilter.DEFAULT_REMEMBER_ME_PARAM);
		boolean mobile = WebUtils.isTrue(request, FormAuthenticationFilter.DEFAULT_MOBILE_PARAM);
		String exception = (String) request
				.getAttribute(FormAuthenticationFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME);
		String message = (String) request
				.getAttribute(FormAuthenticationFilter.DEFAULT_MESSAGE_PARAM);

		if (StringUtils.isBlank(message) || StringUtils.equals(message, "null")) {
			message = "用户或密码错误, 请重试.";
		}

		model.addAttribute(FormAuthenticationFilter.DEFAULT_USERNAME_PARAM, username);
		model.addAttribute(FormAuthenticationFilter.DEFAULT_REMEMBER_ME_PARAM, rememberMe);
		model.addAttribute(FormAuthenticationFilter.DEFAULT_MOBILE_PARAM, mobile);
		model.addAttribute(FormAuthenticationFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME, exception);
		model.addAttribute(FormAuthenticationFilter.DEFAULT_MESSAGE_PARAM, message);

		if (logger.isDebugEnabled()) {
			logger.debug("login fail, active session size: {}, message: {}, exception: {}",
					sessionDAO.getActiveSessions(false).size(), message, exception);
		}

		// 非授权异常，登录失败，验证码加1。
		if (!UnauthorizedException.class.getName().equals(exception)) {
			model.addAttribute("isValidateCodeLogin", getSystemService().isValidateCodeLogin(username, true, false));
		}

		// 验证失败清空验证码
		request.getSession().setAttribute(ValidateCodeServlet.VALIDATE_CODE, IdGen.uuid());

		
		return "modules/sys/sysLogin";
	}

	/**
	 * 根据用户名直接登录(不安全)
	 * 
	 * @param userName
	 *            用户名 不可空
	 * @param flowId
	 *            流程实例id 不可空
	 * @param request
	 * @param response
	 * @return
	 * @author lgx Date:2016年7月16日；
	 */
	@RequestMapping(value = "${adminPath}/loginByUserName")
	public String loginByUserName(String userName, String flowId, HttpServletRequest request,
			HttpServletResponse response, Model model) {
		
		//boolean success  =false;

		if (StringUtils.isBlank(userName)) {
			addMessage(model, "用户名为空！");
			return "modules/sys/sysLogin";
		}
		if (ValidateUtil.isNumeric(userName)) {
			addMessage(model, "用户名或者密码错误！");
			return "modules/sys/sysLogin";
		}
		
		//userName = Encodes.decodeHexByString(userName);
		
		// 校验用户名密码
		User user = getSystemService().getUserByLoginName(userName);
		
		if (user == null) {
			addMessage(model, "用户或密码错误！");
			return "modules/sys/sysLogin";
		}

		UsernamePasswordToken authcToken = new UsernamePasswordToken();
		authcToken.setHost(request.getLocalAddr());
		authcToken.setUsername(user.getLoginName());
		authcToken.setPassword(user.getPassword().toCharArray());
		authcToken.setRememberMe(true);
		authcToken.setLoginByUserName(true);
		
		Subject currentUser = SecurityUtils.getSubject();
		currentUser.login(authcToken);
 
		return "redirect:" + adminPath;
	}

	/**
	 * 管理登录
	 */
	@RequestMapping(value = "${adminPath}/login", method = RequestMethod.GET)
	public String login(HttpServletRequest request, HttpServletResponse response, Model model) {
		Principal principal = UserUtils.getPrincipal();
		
		//String username = CookieUtils.getCookie(request, "username");
		model.addAttribute("username", CookieUtils.getCookie(request, "username"));
		model.addAttribute("password", CookieUtils.getCookie(request, "password"));
		if (logger.isDebugEnabled()) {
			logger.debug("login, active session size: {}", sessionDAO.getActiveSessions(false)
					.size());
		}

		// 如果已登录，再次访问主页，则退出原账号。
		if (Global.TRUE.equals(Global.getConfig("notAllowRefreshIndex"))) {
			CookieUtils.setCookie(response, "LOGINED", "false");
		}

		// 如果已经登录，则跳转到管理首页
		if (principal != null && !principal.isMobileLogin()) {
			
			if("true".equals(Global.getConfig("isPortal"))){
				return "redirect:" + frontPath +"/home";
			}else{
				return "redirect:" + adminPath;
			}
		}

		return "modules/sys/sysLogin";
	}
	
	
	/**
	 * 登录失败，真正登录的POST请求由Filter完成
	 */
	@RequestMapping(value = "${adminPath}/login", method = RequestMethod.POST)
	public String loginFail(HttpServletRequest request, HttpServletResponse response, Model model) {
		Principal principal = UserUtils.getPrincipal();
		CookieUtils.setCookie(response, "username", request.getParameter("username"), 60*60*24*30);
		CookieUtils.setCookie(response, "password", request.getParameter("password"), 60*60*24*30);
		// 如果已经登录，则跳转到管理首页
		if (principal != null) {
			if("true".equals(Global.getConfig("isPortal"))){
				getSystemService().isValidateCodeLogin(principal.getLoginName(), false, true);
				return "redirect:" + frontPath +"/home";
			}else{
				return "redirect:" + adminPath;
			}
		}

		String username = WebUtils.getCleanParam(request,
				FormAuthenticationFilter.DEFAULT_USERNAME_PARAM);
		boolean rememberMe = WebUtils.isTrue(request,
				FormAuthenticationFilter.DEFAULT_REMEMBER_ME_PARAM);
		boolean mobile = WebUtils.isTrue(request, FormAuthenticationFilter.DEFAULT_MOBILE_PARAM);
		String exception = (String) request
				.getAttribute(FormAuthenticationFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME);
		String message = (String) request
				.getAttribute(FormAuthenticationFilter.DEFAULT_MESSAGE_PARAM);

		if (StringUtils.isBlank(message) || StringUtils.equals(message, "null")) {
			message = "用户或密码错误, 请重试.";
		}

		model.addAttribute(FormAuthenticationFilter.DEFAULT_USERNAME_PARAM, username);
		model.addAttribute(FormAuthenticationFilter.DEFAULT_REMEMBER_ME_PARAM, rememberMe);
		model.addAttribute(FormAuthenticationFilter.DEFAULT_MOBILE_PARAM, mobile);
		model.addAttribute(FormAuthenticationFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME, exception);
		model.addAttribute(FormAuthenticationFilter.DEFAULT_MESSAGE_PARAM, message);

		if (logger.isDebugEnabled()) {
			logger.debug("login fail, active session size: {}, message: {}, exception: {}",
					sessionDAO.getActiveSessions(false).size(), message, exception);
		}

		// 非授权异常，登录失败，验证码加1。
		if (!UnauthorizedException.class.getName().equals(exception)) {
			model.addAttribute("isValidateCodeLogin", getSystemService().isValidateCodeLogin(username, true, false));
		}

		// 验证失败清空验证码
		request.getSession().setAttribute(ValidateCodeServlet.VALIDATE_CODE, IdGen.uuid());

		
		return "modules/sys/sysLogin";
	}

	/**
	 * 登录成功，进入管理首页
	 */
	@RequiresPermissions("user")
	@RequestMapping(value = "${adminPath}")
	public String index(HttpServletRequest request, HttpServletResponse response) {
		Principal principal = UserUtils.getPrincipal();
		
		// 登录成功后，验证码计算器清零
		getSystemService().isValidateCodeLogin(principal.getLoginName(), false, true);
		
		if (logger.isDebugEnabled()) {
			logger.debug("show index, active session size: {}", sessionDAO.getActiveSessions(false)
					.size());
		}

		// 如果已登录，再次访问主页，则退出原账号。
		if (Global.TRUE.equals(Global.getConfig("notAllowRefreshIndex"))) {
			String logined = CookieUtils.getCookie(request, "LOGINED");
			if (StringUtils.isBlank(logined) || "false".equals(logined)) {
				CookieUtils.setCookie(response, "LOGINED", "true");
			} else if (StringUtils.equals(logined, "true")) {
				UserUtils.getSubject().logout();
				if("true".equals(Global.getConfig("isPortal"))){
					getSystemService().isValidateCodeLogin(principal.getLoginName(), false, true);
					return "redirect:" + frontPath +"/home";
				}else{
					return "redirect:" + adminPath;
				}
			}
		}
        //System.out.println(Global.getConfig("isPortal"));
		if("true".equals(Global.getConfig("isPortal"))){
			getSystemService().isValidateCodeLogin(principal.getLoginName(), false, true);
			return "redirect:" + frontPath +"/home";
		}else{
			// 如果是手机登录，则返回JSON字符串
			if (principal.isMobileLogin()) {
				//if (request.getParameter("login") != null) {
				//	return renderStringByJson(response, principal);
				//}
				if (request.getParameter("index") != null) {
					return "modules/sys/sysIndex";
				 }
				if (request.getParameter("login") == null) {
//					return "modules/projectEmployee/menu";
					return "redirect:" + adminPath + "/project/projectEmployee/menu";
				 }
			     return renderStringByJson(response, principal);
				//return "redirect:" + adminPath + "/login";
			}
			return "modules/sys/sysIndex3";
		}
		
	}

	/**
	 * 退出系统 add for lgx 20160320
	 */
	@RequestMapping(value = "${adminPath}/logout")
	public String logout() {

		UserUtils.clearCache();
		UserUtils.getSubject().logout();

		return "redirect:" + adminPath + "/login";

	}
	
	/**
	 * 退出系统 add for lgx 20160320
	 */
	@RequestMapping(value = "${frontPath}/logout")
	public String portalLogout() {

		UserUtils.clearCache();
		UserUtils.getSubject().logout();

		return "redirect:" + frontPath +"/home";

	}

	/**
	 * 获取主题方案
	 */
	@RequestMapping(value = "/theme/{theme}")
	public String getThemeInCookie(@PathVariable String theme, HttpServletRequest request,
			HttpServletResponse response) {
		if (StringUtils.isNotBlank(theme)) {
			CookieUtils.setCookie(response, "theme", theme);
		} else {
			theme = CookieUtils.getCookie(request, "theme");
		}
		return "redirect:" + request.getParameter("url");
	}

	/**
	 * 是否是验证码登录
	 * 
	 * @param useruame
	 *            用户名
	 * @param isFail
	 *            计数加1
	 * @param clean
	 *            计数清零
	 * @return

	@SuppressWarnings("unchecked")
	public static boolean isValidateCodeLogin(String useruame, boolean isFail, boolean clean) {
		Map<String, Integer> loginFailMap = (Map<String, Integer>) CacheUtils.get("loginFailMap");
		if (loginFailMap == null) {
			loginFailMap = Maps.newHashMap();
			CacheUtils.put("loginFailMap", loginFailMap);
		}
		Integer loginFailNum = loginFailMap.get(useruame);
		if (loginFailNum == null) {
			loginFailNum = 0;
		}
		if (isFail) {
			loginFailNum++;
			loginFailMap.put(useruame, loginFailNum);
		}
		if (clean) {
			loginFailMap.remove(useruame);
		}
		return loginFailNum >= 3;
	}	 */
	
	
	/**
	 * 获取系统业务对象
	 */
	public SystemService getSystemService() {
		if (systemService == null){
			systemService = SpringContextHolder.getBean(SystemService.class);
		}
		return systemService;
	}
	
	@RequestMapping(value = "/a/statView")
	public String getStatView() {
		
		return "modules/sys/statView";
	}
	
}
